review-code

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Skill: Review Code (Orchestrator)

Skill：代码审查（编排器）

Purpose

用途

This skill does not perform code analysis itself. It is a meta skill that orchestrates other atomic review skills in a fixed order, then aggregates their findings into a single report. Use it when the user asks for a full "review code" or "code review" and you want to apply scope → language → framework → library → cognitive skills and produce one combined output. For a single-dimension review (e.g. only diff or only security), invoke the corresponding atomic skill directly (review-diff, review-security, etc.).

该Skill自身不执行代码分析。它是一款元Skill，按固定顺序编排其他原子审查Skill，然后将所有审查结果汇总成一份单一报告。当用户要求进行完整的“代码审查”，且你希望按范围→语言→框架→库→认知类Skill的流程生成一份合并输出时，可使用本Skill。如果是单维度审查（如仅审查diff或仅审查安全），请直接调用对应的原子Skill（review-diff、review-security等）。

Use Cases

使用场景

Full code review: User asks to "review code" or "review my changes" and expects impact, language/framework conventions, security, and architecture in one pass.
Pre-PR or pre-commit: Run the full pipeline (diff + stack + cognitive) and get one report.
Consistent pipeline: Same execution order every time so Cursor or an agent can simulate skill chaining by following this skill's instructions.

When to use: When the user wants a combined review across scope, stack (language/framework/library), and cognitive dimensions. When the user wants only one dimension (e.g. "review my diff" or "security review"), use the atomic skill instead.

完整代码审查：用户要求“审查代码”或“审查我的修改”，期望一次性获取影响评估、语言/框架规范、安全及架构相关结果。
PR前或提交前检查：运行完整流水线（diff + 技术栈 + 认知类审查）并生成一份报告。
一致的流水线：每次执行顺序固定，Cursor或Agent可遵循本Skill的说明模拟Skill链式调用。

适用时机：当用户需要跨范围、技术栈（语言/框架/库）和认知维度的合并审查时。若用户仅需单维度审查（如“审查我的diff”或“安全审查”），请使用对应的原子Skill。

Behavior

行为规范

Orchestration only

仅负责编排

Do not analyze code yourself. Do invoke (or simulate invoking) the following skills in order, then aggregate their findings.
Execution order is fixed so that Cursor or an agent can follow it step by step.

不要自行分析代码。务必按顺序调用（或模拟调用）以下Skill，然后汇总它们的审查结果。
执行顺序固定，确保Cursor或Agent可逐步遵循。

Interaction policy

交互规则

Prefer defaults and choices: Use the defaults in the table below; present options for the user to confirm or select (e.g. [diff] [codebase], [Repo root] [Current dir]), and avoid asking for free-text input when a default exists.
Scope (diff vs codebase): If the user has not explicitly indicated (a) diff/current change (e.g. "my changes", "the diff", "what I changed") or (b) codebase/path (e.g. "this directory", "src/foo", "the repo"), ask the user to choose. In particular, if they said only "review", "review code", or "code review" with no scope cue, do not assume — offer: Review current change (diff) [default] or codebase (given path(s))? and wait for their choice before running any review skill.
If language/framework is not explicit and cannot be inferred from the files in scope, offer choices ([.NET] [Java] [SQL] [Vue] [Skip]); if still unclear, skip and note the skip in the final summary.
Always state which steps were executed and which were skipped (with reason).

优先使用默认值和选项选择：使用下表中的默认值；为用户提供确认或选择的选项（如[diff] [代码库]、[仓库根目录] [当前目录]），当存在默认值时避免要求用户输入自由文本。
范围（diff vs 代码库）：若用户未明确指定（a）diff/当前修改（如“我的修改”“diff”“我改的内容”）或（b）代码库/路径（如“此目录”“src/foo”“仓库”），请让用户选择。特别是当用户仅说“审查”“审查代码”或“代码审查”而未提及范围时，不要自行假设，请提供选项：审查当前修改（diff） [默认] 还是代码库（指定路径）？，等待用户选择后再运行任何审查Skill。
若无法从范围中的文件推断出语言/框架，提供选项（[.NET] [Java] [SQL] [Vue] [跳过]）；若仍不明确，则跳过该步骤并在最终摘要中注明跳过原因。
始终说明已执行的步骤和跳过的步骤（及原因）。

Defaults (prefer confirm or choose; avoid asking for free-text input)

默认值（优先确认或选择；避免要求自由文本输入）

Item	Default	When to deviate
Scope	diff (current change)	User chooses "codebase" to review given path(s) instead.
Scope = diff — untracked	Include untracked files in change set	User can choose "diff only, no untracked."
Scope = codebase — path(s)	Repo root	User chooses one or more paths (offer: repo root / current file’s dir / list top-level dirs to pick).
Scope = codebase — large	By layer (output by module/dir; no single shallow pass)	User can choose a priority subset (e.g. one layer or named modules).
Language / framework	Infer from files in scope	If unclear, offer choices: [.NET] [Java] [SQL] [Vue] [Skip]; do not ask user to type.

项	默认值	偏离时机
范围	diff（当前修改）	用户选择“代码库”来审查指定路径时。
范围 = diff — 未追踪文件	包含变更集中的未追踪文件	用户可选择“仅diff，不包含未追踪文件”。
范围 = 代码库 — 路径	仓库根目录	用户选择一个或多个路径（提供选项：仓库根目录 / 当前文件所在目录 / 列出顶级目录供选择）。
范围 = 代码库 — 大型代码库	按层级（按模块/目录输出；不做单次浅层扫描）	用户可选择优先级子集（如某一层级或指定模块）。
语言 / 框架	从范围中的文件推断	若无法推断，提供选项：[.NET] [Java] [SQL] [Vue] [跳过]；不要让用户手动输入。

Pre-flight: confirm before running

执行前确认

Resolve the following with the user once, before executing any review step. Prefer confirm default or select from options; avoid asking for free-text input when a default exists.

Item	If unclear	Action
Scope	User did not say "my changes"/"diff" vs "codebase"/path (e.g. "review" or "review code" alone = unclear)	Must ask. Offer: Review current change (diff) [default] or codebase (given path(s))? — user chooses; do not assume.
Scope = diff	—	Confirm: Include untracked files? Default Yes. Ensure diff + untracked content available for review-diff.
Scope = codebase	Path(s) not stated	Offer: Review repo root? [default] Or pick path(s): [repo root] [current file’s dir] [list top-level dirs] — user selects, no typing.
Scope = codebase, large	Whole repo or very large dir	Default: output by layer (module/dir). Option: Narrow to a priority subset? — user can choose from listed dirs/modules.
Language / framework	Cannot infer from files	Offer: [.NET] [Java] [SQL] [Vue] [Skip] — user picks one; if Skip or none match, skip and note in summary.

After pre-flight, run the pipeline without further scope questions; report which steps ran and which were skipped.

在执行任何审查步骤前，先与用户确认以下事项。优先使用确认默认值或选择选项**；当存在默认值时避免要求自由文本输入。**

项	不明确时	操作
范围	用户未说明是“我的修改”/“diff”还是“代码库”/路径（如仅说“审查”或“审查代码” = 不明确）	必须询问。提供选项：审查当前修改（diff） [默认] 还是代码库（指定路径）？ — 由用户选择；不要自行假设。
范围 = diff	—	确认：是否包含未追踪文件？默认是。确保diff + 未追踪内容可用于review-diff审查。
范围 = 代码库	未指定路径	询问：审查仓库根目录？ [默认] 还是选择路径：[仓库根目录] [当前文件所在目录] [列出顶级目录] — 由用户选择，无需输入。
范围 = 代码库，大型代码库	整个仓库或超大目录	默认：按层级输出（模块/目录）。选项：是否缩小到优先级子集？ — 用户可从列出的目录/模块中选择。
语言 / 框架	无法从文件推断	提供选项：[.NET] [Java] [SQL] [Vue] [跳过] — 用户选择其一；若选择跳过或无匹配项，则跳过该步骤并在摘要中注明。

完成执行前确认后，无需再询问范围相关问题，直接运行流水线；报告中需说明已执行的步骤和跳过的步骤。

Execution order

执行顺序

When performing this skill, sequentially apply the following steps. For each step, load and run the corresponding skill's instructions, collect its findings (in the standard format: Location, Category, Severity, Title, Description, Suggestion), then proceed to the next step.

Scope
Choose one based on user intent:
- review-diff: Use when the user wants only the current change (git diff, staged + unstaged) reviewed. Load review-diff and run it on the diff.
- review-codebase: Use when the user wants the current state of given path(s), directory(ies), or repo reviewed. Load review-codebase and run it on the specified scope. Run the chosen scope skill; collect all findings.
Language
Choose one or none based on the project's primary language in scope:
- review-dotnet: .NET (C#/F#). Load review-dotnet.
- review-java: Java. Load review-java.
- review-sql: SQL or query-heavy code. Load review-sql. If none match, skip this step. Run the chosen language skill on the same scope; collect all findings.
Framework (optional)
If the project uses a known framework in scope, choose the matching skill:
- review-vue: Vue 3. Load review-vue.
- (Reserved for future: review-aspnetcore, review-react, etc.) If none match, skip. Run the chosen framework skill; collect all findings.
Library (optional)
If the project heavily uses a key library with a dedicated review skill, run it (e.g. review-entityframework when available). Otherwise skip. Collect all findings.
Cognitive
Run in order:
- review-security: security findings.
- review-architecture: architecture findings. (Reserved for future: review-reliability, review-maintainability.)
  Collect all findings.
Aggregation
Merge all collected findings into one report. Group by Category (
```
scope
```
,
```
language-*
```
,
```
framework-*
```
,
```
library-*
```
,
```
cognitive-*
```
) or by file/location, as best fits the report length. Use the same finding format (Location, Category, Severity, Title, Description, Suggestion). Add a short summary (e.g. counts by severity or category) at the top if useful.
De-dup rule: If multiple findings share the same Location + Title and represent the same issue across steps, keep the highest severity and note the other step(s) in the Description (e.g. "Also flagged by language and security").

执行本Skill时，请按顺序应用以下步骤。对于每个步骤，加载并运行对应Skill的说明，收集其审查结果（采用标准格式：位置、类别、严重程度、标题、描述、建议），然后进入下一步。

范围
根据用户意图选择其一：
- review-diff：当用户仅需审查当前修改（git diff、暂存+未暂存内容）时使用。加载review-diff并在diff上运行。
- review-codebase：当用户需审查指定路径、目录或仓库的当前状态时使用。加载review-codebase并在指定范围上运行。运行所选的范围Skill；收集所有结果。
语言
根据范围内项目的主要语言选择其一或跳过：
- review-dotnet：适用于.NET（C#/F#）。加载review-dotnet。
- review-java：适用于Java。加载review-java。
- review-sql：适用于SQL或查询密集型代码。加载review-sql。若无匹配项，则跳过该步骤。在同一范围上运行所选的语言Skill；收集所有结果。
框架（可选）
若范围内项目使用已知框架，选择匹配的Skill：
- review-vue：适用于Vue 3。加载review-vue。
- （预留未来扩展：review-aspnetcore、review-react等） 若无匹配项，则跳过该步骤。运行所选的框架Skill；收集所有结果。
库（可选）
若项目大量使用有专属审查Skill的核心库，则运行该Skill（如可用的review-entityframework）。否则跳过该步骤。收集所有结果。
认知类
按顺序运行：
- review-security：获取安全相关结果。
- review-architecture：获取架构相关结果。 （预留未来扩展：review-reliability、review-maintainability。） 收集所有结果。
汇总
将所有收集到的结果合并为一份报告。根据报告长度，按类别（
```
scope
```
、
```
language-*
```
、
```
framework-*
```
、
```
library-*
```
、
```
cognitive-*
```
）或文件/位置分组。采用统一的结果格式（位置、类别、严重程度、标题、描述、建议）。若有用，可在顶部添加简短摘要（如按严重程度或类别统计数量）。
去重规则：若多个结果的位置+标题相同，且代表不同步骤中的同一问题，则保留严重程度最高的结果，并在描述中注明其他步骤（如“同时被语言审查和安全审查标记”）。

Summary for Cursor/Agent

给Cursor/Agent的摘要

When performing this skill, sequentially apply:
1. review-diff or review-codebase (scope)
2. review-dotnet or review-java or review-sql (language, optional)
3. review-vue or other framework skill (optional)
4. Library skill (optional, when available)
5. review-security, then review-architecture (cognitive)
Aggregate all findings into a single report using the standard findings format. Do not analyze code in this skill; only orchestrate and aggregate.

执行本Skill时，请按顺序应用：
1. review-diff 或 review-codebase（范围）
2. review-dotnet 或 review-java 或 review-sql（语言，可选）
3. review-vue或其他框架Skill（可选）
4. 库Skill（可选，若可用）
5. review-security，然后是review-architecture（认知类）
将所有结果汇总成一份报告，采用标准结果格式。本Skill不进行代码分析；仅负责编排和汇总。

Input & Output

输入与输出

Input

输入

User intent: What to review (e.g. "my changes" → scope = diff; "this directory" → scope = codebase) and optionally project type (e.g. .NET, Java, Vue) to select language/framework.
Code scope: Diff or paths, as provided by the user when invoking the skill.

用户意图：要审查的内容（如“我的修改”→范围=diff；“此目录”→范围=代码库），以及可选的项目类型（如.NET、Java、Vue）用于选择语言/框架。
代码范围：用户调用Skill时提供的diff或路径。

Output

输出

Single aggregated report containing all findings from the steps above, in the standard format (Location, Category, Severity, Title, Description, Suggestion), grouped by category or location, with optional summary.

单一汇总报告，包含上述所有步骤的结果，采用标准格式（位置、类别、严重程度、标题、描述、建议），按类别或位置分组，可包含可选摘要。

Restrictions

限制

Do not perform any code analysis inside this skill. Only orchestrate other skills and aggregate.
Do not change the execution order; keep scope → language → framework → library → cognitive.
Do not invent findings; only include findings produced by the atomic skills you run.

不要在本Skill内执行任何代码分析。仅负责编排其他Skill并汇总结果。
不要更改执行顺序；保持范围→语言→框架→库→认知的顺序。
不要编造结果；仅包含所运行原子Skill生成的结果。

Self-Check

自检清单

Examples

示例

Example 1: Diff review for .NET project

示例1：.NET项目的diff审查

Input: User says "review my code" and provides a git diff; project is C#.
Expected: Run review-diff → review-dotnet → review-security → review-architecture (skip framework/library if not Vue or other); aggregate all findings into one report with categories
```
scope
```
,
```
language-dotnet
```
,
```
cognitive-security
```
,
```
cognitive-architecture
```
.

输入：用户说“审查我的代码”并提供git diff；项目为C#。
预期结果：运行review-diff → review-dotnet → review-security → review-architecture（若不是Vue或其他框架/库则跳过）；将所有结果汇总成一份报告，包含
```
scope
```
、
```
language-dotnet
```
、
```
cognitive-security
```
、
```
cognitive-architecture
```
类别。

Example 2: Codebase review for Vue frontend

示例2：Vue前端的代码库审查

Input: User says "review src/frontend" and project uses Vue 3.
Expected: Run review-codebase on src/frontend → review-vue → review-security → review-architecture; aggregate into one report.

输入：用户说“审查src/frontend”且项目使用Vue 3。
预期结果：在src/frontend上运行review-codebase → review-vue → review-security → review-architecture；汇总成一份报告。

Edge case: No language match

边缘案例：无匹配语言

Input: Project is Rust or another language with no atomic skill yet.
Expected: Run scope (review-diff or review-codebase) → skip language and framework → run review-security and review-architecture; aggregate. Report should note that language/framework review was skipped (no matching skill).

输入：项目为Rust或其他暂无对应原子Skill的语言。
预期结果：运行范围Skill（review-diff或review-codebase）→ 跳过语言和框架步骤 → 运行review-security和review-architecture；汇总结果。报告中需注明语言/框架审查已跳过（无匹配Skill）。

Appendix: Output contract

附录：输出约定

The aggregated report MUST use the same finding format as the atomic skills:

Element	Requirement
Location	`path/to/file.ext` (optional line or range).
Category	`scope` , `language-` , `framework-` , `library-` , `cognitive-`
Severity	`critical` , `major` , `minor` , `suggestion` .
Title	Short one-line summary.
Description	1–3 sentences.
Suggestion	Concrete fix or improvement (optional).

Group findings by Category or by Location. Optionally include a summary table (e.g. count by severity or by category) at the top of the report.

汇总报告必须采用与原子Skill一致的结果格式：

元素	要求
位置	`path/to/file.ext` （可选行号或范围）。
类别	`scope` 、 `language-` 、 `framework-` 、 `library-` 、 `cognitive-`
严重程度	`critical` 、 `major` 、 `minor` 、 `suggestion` 。
标题	简短的单行摘要。
描述	1-3句话。
建议	具体的修复或改进方案（可选）。

结果可按类别或位置分组。可选择在报告顶部添加摘要表格（如按严重程度或类别统计数量）。